watchTowr: Veeam Backup & Response - RCE With Auth, But Mostly Without Auth (CVE-2024-40711)
Reference: CVE-2024-40711 (9.8 critical, disclosed 04 September 2024 by Veeam) Veeam Backup & Replication: A deserialization of untrusted data vulnerability with a malicious payload can allow an unauthenticated remote code execution (RCE). This vulnerability was reported by Florian Hauser @frycos with CODE WHITE GmbH @codewhitesec.
watchTowr doing what they do best, root cause analysis of vulnerabilities and breaking it down Barney style. Veeam Backup and Replication's CVE-2024-40711 has an authenticated RCE with a 9.8? watchTowr does patch-diffing (a lot of code and rambling). They name drop James Forshaw @tiraniddo in referencing “Stupid is as Stupid Does When It Comes to .NET Remoting”
Okay in reading through this, CVE-2024-40711 is actually comprised of two separate bugs. Veeam silently patched an improper authorization bug, then the deserialisation bug 3 months later. watchTowr claims that there is a way to bypass CVE-2024-40711 (details are still under embargo). They do not release a proof of concept due to the current situation and proclivity for ransomware actors to go after Veeam backups.
#cve_2024_40711 #vulnerability #rootcauseanalysis #cve #veeam #infosec #cybersecurity
Data-Oriented Design Revisited: Type Safety in the Zig Compiler
https://www.youtube.com/watch?v=KOZcJwGdQok
Discussions: https://discu.eu/q/https://www.youtube.com/watch?v=KOZcJwGdQok
3 more weeks before my Windows Kernel Exploitation training at #HEXACON2024
Don't miss out! More info on contents -> https://www.hexacon.fr/trainer/halbronn/
Okay, I figured out the answer. When entering the kernel via syscall, the architecture/instruction sets %ss from the %cs value + 8. When entering the kernel via interrupt, %ss is 0.
Greetings, Myth Lovers! In celebration of #BeerLoversDay Monday's theme is beer and other inebriating beverages! Do you know a myth that features beer or a similar drink? Is the beer helpful or a hindrance? Tell us the myth and use the hashtag #MythologyMonday for boosts.
#mythology @mythology @folklore @TarkabarkaHolgy @juergen_hubert @curiousordinary @wihtlore @FairytalesFood @bevanthomas @FinnFolklorist @Godyssey @GaymerGeek @starrytimepod @ljwrites
Sometimes when people don't want an idea interrogated they arrange words around it like a moat. Construct intricate vocabularies that make it so you can only approach it from certain directions, never from the directions where it is weak to attack. Insist you use their vocabulary, debate on their terms. Sometimes I like to just walk directly into the moat. See, it's only ankle deep. This makes people upset. You're ignorant of the theory! No, I'm standing in the middle of it. It's just water, dude.
Team #Hashcat is pleased to present our much anticipated write-up for this year's #CrackMeIfYouCan contest at #Defcon32
#password #passwordcracking #redteam #ctf #defcon #hacking #infosec #cybersecurity
uBlock Origin is great and so don't take this the wrong way, but I've never understood why it doesn't have a they-live mode where instead of removing the ads altogether they get rendered as greyscale messages like "OBEY" / "CONSUME" / "DO NOT QUESTION AUTHORITY"
Crypto is holding Texas' independent electricity grid hostage for ransom, while the conservatives who run the state realize they've been duped by the big businesses they sidle up to.
https://www.economist.com/united-states/2024/08/27/why-texas-republicans-are-souring-on-crypto